back to article Popular 3G/4G data dongles are desperately vulnerable, say hackers

Cellular modems from four vendors have been popped by security researchers, who have documented cross-site scripting (XSS), cross-site request forgery (CSRF), remote code execution (RCE) and integrity attacks on the products. The research published by Positive Technologies and carried out by the SCADA Strangelove team looked …

  1. Christian Berger

    Well, but changing firmware from the user side is a feature...

    ...not a bug. Not being able to change the firmware myself would be a bug as it would keep me from updating/modifying my firmware as I wish.

    An actual bug would be if the operator/manufacturer could change the firmware without my consent... unfortunately the operators and manufacturers have a different view on this.

    1. Anonymous Coward
      Anonymous Coward

      Re: Well, but changing firmware from the user side is a feature...

      It's a feature, sure, but you'd be able to mess about with that special little bit of 'extra' functionality in there that allows you to be 'monitored' for your own safety.

  2. Warm Braw Silver badge

    Cellular modems

    The investigators bundled together dongle-style devices and WiFi+3G/4G routers under the collective title of "modems". It's unlikely your typical USB dongle, lacking a webserver, is going to be vulnerable to most of the attacks they describe, so it might have been better to preserve the distinction.

    1. Charlie Clark Silver badge

      Re: Cellular modems

      Yep, my trusty old ZTE dongle only understand AT commands and you need physical access to fuck with it.

      That said, I bet the firmware is a pile of crap.

    2. Sandtitz Silver badge

      Re: Cellular modems

      "It's unlikely your typical USB dongle, lacking a webserver, is going to be vulnerable to most of the attacks they describe, so it might have been better to preserve the distinction."

      It *should* be unlikely, but my 4G laptop modem (made by Huawei) recently had a "Remote execution of arbitrary code" vulnerability.

      The modem can't differ much from your typical USB dongles.

  3. Anonymous Coward
    Linux

    Vulnerable to remote code execution

    "The researchers say all of the devices they tested .. are vulnerable to remote code execution"

    Is it possible to design the hardware with a switch that renders the executable parts of the device read-only?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021